On Thu, May 29, 2008 at 06:08:47AM -0700, Joel Jaeggli wrote:
Dorn Hetzel wrote:
There is a really huge difference in the ease with which payment from a
credit card can be reversed if fraudulent, and the amount of effort
necessary to reverse a wire transfer. I won't go so far as to say that
On Thu, May 29, 2008 at 11:10:40AM -0700, Joel Jaeggli wrote:
Barry Shein wrote:
Equating port 25 use with domestic terrorism is specious.
Ammonium nitrate requires requires some care in handling regardless of
your intentions,see for exmple the oppau or texas city disasters.
And
So to get Amazon to police their customers either requires
regulation or an external economic pressure. Blocking AWS
from folk's mail servers would apply some pressure,
No it would not. That is what AWS wants you to to.
making
areas of the net go dark to AWS would apply more pressure
I'm not on the MLC (which doesn't have any community representatives
on it at present) anymore.
Nonetheless, I implore everyone to consider this thread dead. It's
run far enough afield on speculation and analogies that I for one
think it's fairly out of scope.
Thanks,
On Wed, May 28, 2008 at 11:08 PM, Barry Shein [EMAIL PROTECTED] wrote:
I am a big, big fan of assessing charges for AUP abuse and making some
realistic attempt to try to make sure it's collectible, and otherwise
make some attempt to know who you're doing business with.
Just out of curiosity,
Dorn Hetzel wrote:
There is a really huge difference in the ease with which payment from a
credit card can be reversed if fraudulent, and the amount of effort
necessary to reverse a wire transfer. I won't go so far as to say that
reversing a wire transfer is impossible, but I would claim it's
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Joel Jaeggli [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 29, 2008 9:09 AM
To: Dorn Hetzel
Cc: nanog@nanog.org
Subject: Re: amazonaws.com?
Dorn Hetzel wrote:
There is a really huge difference in the ease with which
Oh, come on... Businesses buy services every day that have to be paid for
by methods like wire transfer. We're not talking about making it the only
payment method, just the method for deposits for risky services. I wonder
what percentage of Amazon E2C customers even want outbound port 25 access
www.otaotr.com | Phone: 914-460-4039
aim: matthewbhuff | Fax: 914-460-4139
-Original Message-
From: Joel Jaeggli [mailto:[EMAIL PROTECTED]
Sent: Thursday, May 29, 2008 9:09 AM
To: Dorn Hetzel
Cc: nanog@nanog.org
Subject: Re: amazonaws.com?
Dorn Hetzel wrote
@nanog.org
Subject: Re: amazonaws.com http://amazonaws.com?
Dorn Hetzel wrote:
There is a really huge difference in the ease with which payment
from a
credit card can be reversed if fraudulent, and the amount of effort
necessary to reverse a wire transfer. I won't go so
On May 28, 2008 at 23:53 [EMAIL PROTECTED] (Peter Beckman) wrote:
Getting someone to fax their ID in takes extra time and resources, and
means it might be hours before you get your account approved, and for
some service providers, part of the value of the service is the immediacy
On May 29, 2008 at 09:07 [EMAIL PROTECTED] (Al Iverson) wrote:
On Wed, May 28, 2008 at 11:08 PM, Barry Shein [EMAIL PROTECTED] wrote:
I am a big, big fan of assessing charges for AUP abuse and making some
realistic attempt to try to make sure it's collectible, and otherwise
make
On May 29, 2008 at 06:46 [EMAIL PROTECTED] (Joel Jaeggli) wrote:
Dorn Hetzel wrote:
Yeah, there was a day when anyone could buy a pickup truck full of
ammonium nitrate fertilizer from a random feed store and not attract any
attention at all, now, maybe not. Just like port 25, it has
Peter Beckman [EMAIL PROTECTED] writes:
If you are taking card-not-present credit card transactions over the
...snip hard to charge fradulent customers and also verifying customer
identity annoys the customer... points-
The goal here is to give abuse a negative expected return.
One way to
Barry Shein wrote:
On May 29, 2008 at 06:46 [EMAIL PROTECTED] (Joel Jaeggli) wrote:
Dorn Hetzel wrote:
Yeah, there was a day when anyone could buy a pickup truck full of
ammonium nitrate fertilizer from a random feed store and not attract any
attention at all, now, maybe not. Just
On Thu, 29 May 2008, Luke S Crawford wrote:
Peter Beckman [EMAIL PROTECTED] writes:
If you are taking card-not-present credit card transactions over the
...snip hard to charge fradulent customers and also verifying customer
identity annoys the customer... points-
The goal here is to give
What I really, really, (really), don't understand is what is this
perverse urge to argue incessantly that spam and related do little or
no harm, are of little consequence, and nothing can be done about it
anyhow? You'd think we were discussing ways to prevent hurricanes (and
some won't even
Peter Beckman [EMAIL PROTECTED] writes:
...snip use snort suggestion
This is what I think we should ALL be doing -- monitoring our own network
to make sure we aren't the source, via customers, of the spam or DOS
attacks. All outbound email from your own network should be scanned by
Barry Shein wrote:
What I really, really, (really), don't understand is what is this
perverse urge to argue incessantly that spam and related do little or
no harm, are of little consequence, and nothing can be done about it
anyhow? You'd think we were discussing ways to prevent hurricanes (and
On 27 May 2008, at 16:33, Robert Bonomi wrote:
From [EMAIL PROTECTED] Mon May 26 21:16:58 2008
Date: Tue, 27 May 2008 07:46:26 +0530
From: Suresh Ramasubramanian [EMAIL PROTECTED]
To: Colin Alston [EMAIL PROTECTED]
Subject: Re: amazonaws.com?
Cc: [EMAIL PROTECTED]
On Tue, May 27, 2008 at 1
[EMAIL PROTECTED] (Ian Mason) writes:
On 27 May 2008, at 16:33, Robert Bonomi wrote:
Amazon _might_ 'get a clue' if enough providers walled off the EC2
space, and they found difficulty selling cycles to people who couldn't
access the machines to set up their compute applications.
This
On Tue, 27 May 2008, [EMAIL PROTECTED] wrote:
But a more advanced intelligence will wonder why we have to have an SMTP
server architecture that invites attacks. Why, by definition, do SMTP
servers have to accept connections from all comers, by default? We have
shown that other architectures
I don't see how, in your preferred replacement email
architecture, a provider would be able to avoid policing
their users to prevent spam in the way that you complain is
so burdensome.
To begin with, mail could only enter such a system through
port 587 or through a rogue operator signing
: Re: amazonaws.com?
Well the thing that differentiates the cloud is that there is an
infinite amount of resources, the ability to have anonymous access, and
the infinite amount of identities. Basically Amazon has allocated a /18,
/19, and /17 to EC2. The chances of getting the same IP between
On 28 May 2008, at 16:34, Sargun Dhillon wrote:
Well the thing that differentiates the cloud is that there is an
infinite amount of resources, the ability to have anonymous access,
and
the infinite amount of identities.
That sounds great. Presumably in addition to the above the sun is
On Wed, May 28, 2008 at 12:01:30PM -0500, Skywing wrote:
That's somewhat ironic of a sentiment you referred to there, given
that the conception that one should have to hand over one's SSN for
verification to anyone who asks for it is the kind of thing that
many of these spammers/phishers
I think the straightforward fix is for Amazon to put some
practical mail guidelines together for their environment
Has anyone making these suggestions ever thought to look at the Amazon
Web Services agreement that governs these EC2 customers?
On Wed, 28 May 2008, Barry Shein wrote:
On May 28, 2008 at 21:43 [EMAIL PROTECTED] (Peter Beckman) wrote:
On Wed, 28 May 2008, Dorn Hetzel wrote:
I would think that simply requiring some appropriate amount of irrevocable
funds (wire transfer, etc) for a deposit that will be forfeited in
From [EMAIL PROTECTED] Tue May 27 12:06:50 2008
Subject: RE: amazonaws.com?
Date: Tue, 27 May 2008 18:08:16 +0100
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
If the address-space owner won't police it's own property,
there is no reason for the rest of the world to spend the
time
On 27/05/2008 20:53 Robert Bonomi wrote:
Because the _privilege_ to send packets to other networks has been, from
'day one', conditional on the presumption that the sending network _is_
a good neighbor to the networks receiving their traffic.
You need to wake up Dorothy, this isn't Kansas
If I may be so bold as to summarize a few posts:
It's ok to let spammers and other criminals use your systems (e.g.,
compute clouds) to slam others just so long as you get yourself into
the various blacklists.
But I thought (routed) bandwidth was the ISP's stock in trade? And
trust (e.g.,
On 24/05/2008 02:42 Steve Atkins wrote:
If you're seeing something more egregious than just deluges of spam
then [EMAIL PROTECTED] would likely be the right people
to talk to.
They've been contacted about it and, AIUI, state that the spam being sent
from there is not something they're going to
On Sat, May 24, 2008 at 12:13 PM, Kee Hinckley [EMAIL PROTECTED] wrote:
On May 24, 2008, at 3:24 AM, Colin Alston wrote:
You should not accept SMTP from the Amazon EC2 cloud at all. Amazon don't
intend for anyone to use it as an email platform and tell their clients to
use an external relay.
not to excuse this, but... it's not a simple problem. The 'bad guy'
rolls up to the website, orders 200 machines for 20 mins under the
name 'xplosiveman' pays with some paypal/CC and runs his/her job. That
job happens to create a bunch of email outbound. It could be a
legitimate email
EC2 is a pay-per-cycle service, where you can run your work on their
servers. Probably one of their clients. Try [EMAIL PROTECTED]
-Patrick
On May 23, 2008, at 6:59 PM, Barry Shein [EMAIL PROTECTED] wrote:
Is it just us or does someone pWn *.amazonaws.com?
Every one of our mail servers is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Patrick Clochesy wrote:
EC2 is a pay-per-cycle service, where you can run your work on their
servers. Probably one of their clients. Try [EMAIL PROTECTED]
-Patrick
On May 23, 2008, at 6:59 PM, Barry Shein [EMAIL PROTECTED] wrote:
Is it
36 matches
Mail list logo